package com.microsoft.did.sdk.identifier;

import com.microsoft.did.sdk.crypto.CryptoOperations;
import com.microsoft.did.sdk.crypto.keys.KeyType;
import com.microsoft.did.sdk.crypto.keys.PrivateKey;
import com.microsoft.did.sdk.crypto.keys.PublicKey;
import com.microsoft.did.sdk.crypto.models.AndroidConstants;
import com.microsoft.did.sdk.crypto.models.KeyUse;
import com.microsoft.did.sdk.crypto.models.KeyUseKt;
import com.microsoft.did.sdk.crypto.models.Sha;
import com.microsoft.did.sdk.crypto.models.webCryptoApi.W3cCryptoApiConstants;
import com.microsoft.did.sdk.crypto.models.webCryptoApi.algorithms.Algorithm;
import com.microsoft.did.sdk.crypto.models.webCryptoApi.algorithms.EcKeyGenParams;
import com.microsoft.did.sdk.identifier.models.Identifier;
import com.microsoft.did.sdk.identifier.models.payload.RegistrationPayload;
import com.microsoft.did.sdk.util.Base64Url;
import com.microsoft.did.sdk.util.ByteArrayUtilKt;
import com.microsoft.did.sdk.util.Constants;
import com.microsoft.did.sdk.util.controlflow.IdentifierCreatorException;
import com.microsoft.did.sdk.util.controlflow.Result;
import com.microsoft.identity.common.internal.dto.AccessTokenRecord;
import java.security.MessageDigest;
import java.util.Map;
import kotlin.Metadata;
import kotlin.TuplesKt;
import kotlin.collections.MapsKt__MapsJVMKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.random.Random;

/* compiled from: IdentifierCreator.kt */
@Metadata(d1 = {"\u0000@\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u000f\b\u0007\u0018\u00002\u00020\u0001B\u0017\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\u0018\u0010\u0007\u001a\u00020\b2\u0006\u0010\u0004\u001a\u00020\u00052\u0006\u0010\t\u001a\u00020\nH\u0002J\u0018\u0010\u000b\u001a\u00020\b2\u0006\u0010\u0004\u001a\u00020\u00052\u0006\u0010\t\u001a\u00020\nH\u0002J\u0014\u0010\f\u001a\b\u0012\u0004\u0012\u00020\u000e0\r2\u0006\u0010\u000f\u001a\u00020\bJ\u001c\u0010\u0010\u001a\b\u0012\u0004\u0012\u00020\u000e0\r2\u0006\u0010\u0011\u001a\u00020\b2\u0006\u0010\u0012\u001a\u00020\bJ:\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\b2\u0006\u0010\u0018\u001a\u00020\b2\b\u0010\u0019\u001a\u0004\u0018\u00010\b2\u0006\u0010\u0011\u001a\u00020\b2\u0006\u0010\u001a\u001a\u00020\bH\u0002J(\u0010\u001b\u001a\u00020\b2\u0006\u0010\u0011\u001a\u00020\b2\u0006\u0010\u0017\u001a\u00020\b2\u0006\u0010\u0015\u001a\u00020\b2\u0006\u0010\u001c\u001a\u00020\bH\u0002J\u0010\u0010\u001d\u001a\u00020\b2\u0006\u0010\u0012\u001a\u00020\bH\u0002J8\u0010\u001e\u001a\u00020\u000e2\u0006\u0010\u001f\u001a\u00020\b2\u0006\u0010 \u001a\u00020\b2\u0006\u0010!\u001a\u00020\b2\u0006\u0010\"\u001a\u00020\b2\u0006\u0010#\u001a\u00020\b2\u0006\u0010$\u001a\u00020\bH\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006%"}, d2 = {"Lcom/microsoft/did/sdk/identifier/IdentifierCreator;", "", "cryptoOperations", "Lcom/microsoft/did/sdk/crypto/CryptoOperations;", "payloadProcessor", "Lcom/microsoft/did/sdk/identifier/SidetreePayloadProcessor;", "(Lcom/microsoft/did/sdk/crypto/CryptoOperations;Lcom/microsoft/did/sdk/identifier/SidetreePayloadProcessor;)V", "computeLongFormIdentifier", "", "registrationPayload", "Lcom/microsoft/did/sdk/identifier/models/payload/RegistrationPayload;", "computeUniqueSuffix", "create", "Lcom/microsoft/did/sdk/util/controlflow/Result;", "Lcom/microsoft/did/sdk/identifier/models/Identifier;", "methodName", "createPairwiseId", "personaId", "peerId", "generateAndSaveKey", "Lcom/microsoft/did/sdk/crypto/keys/PublicKey;", "algorithm", "Lcom/microsoft/did/sdk/crypto/models/webCryptoApi/algorithms/Algorithm;", "target", AccessTokenRecord.SerializedNames.KID, "keyReference", "keyUsage", "generateKeyReferenceId", "keyType", "pairwiseIdentifierName", "transformIdentifierDocumentToIdentifier", "identifierLongForm", "alias", "signatureKeyReference", "recoveryKeyReference", "updateKeyReference", "name", "VerifiableCredential-SDK_release"}, mv = {1, 1, 16})
/* loaded from: classes2.dex */
public final class IdentifierCreator {
    private final CryptoOperations cryptoOperations;
    private final SidetreePayloadProcessor payloadProcessor;

    public IdentifierCreator(CryptoOperations cryptoOperations, SidetreePayloadProcessor payloadProcessor) {
        Intrinsics.checkParameterIsNotNull(cryptoOperations, "cryptoOperations");
        Intrinsics.checkParameterIsNotNull(payloadProcessor, "payloadProcessor");
        this.cryptoOperations = cryptoOperations;
        this.payloadProcessor = payloadProcessor;
    }

    private final String computeLongFormIdentifier(SidetreePayloadProcessor payloadProcessor, RegistrationPayload registrationPayload) {
        String str = registrationPayload.getSuffixData() + "." + registrationPayload.getPatchData();
        return computeUniqueSuffix(payloadProcessor, registrationPayload) + "?-ion-initial-state=" + str;
    }

    private final String computeUniqueSuffix(SidetreePayloadProcessor payloadProcessor, RegistrationPayload registrationPayload) {
        return "did:ion:" + Base64Url.INSTANCE.encode(payloadProcessor.multiHash$VerifiableCredential_SDK_release(Base64Url.INSTANCE.decode(registrationPayload.getSuffixData())));
    }

    private final PublicKey generateAndSaveKey(Algorithm algorithm, String target, String kid, String keyReference, String personaId, String keyUsage) {
        PrivateKey generatePairwise = this.cryptoOperations.generatePairwise(algorithm, AndroidConstants.masterSeed.getValue(), personaId, target);
        generatePairwise.setKid('#' + kid);
        generatePairwise.setUse(KeyUseKt.toKeyUse(keyUsage));
        PublicKey publicKey = generatePairwise.getPublicKey();
        publicKey.setKid('#' + kid);
        if (keyReference == null) {
            keyReference = generateKeyReferenceId(personaId, target, algorithm.getName(), KeyUse.Signature.getValue());
        }
        this.cryptoOperations.getKeyStore().save(keyReference, generatePairwise);
        this.cryptoOperations.getKeyStore().getPrivateKey(keyReference);
        return publicKey;
    }

    private final String generateKeyReferenceId(String personaId, String target, String algorithm, String keyType) {
        return personaId + '-' + target + '-' + algorithm + '-' + keyType;
    }

    private final String pairwiseIdentifierName(String peerId) {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        Base64Url base64Url = Base64Url.INSTANCE;
        byte[] digest = messageDigest.digest(ByteArrayUtilKt.stringToByteArray(peerId));
        Intrinsics.checkExpressionValueIsNotNull(digest, "digest.digest(stringToByteArray(peerId))");
        return base64Url.encode(digest);
    }

    private final Identifier transformIdentifierDocumentToIdentifier(String identifierLongForm, String alias, String signatureKeyReference, String recoveryKeyReference, String updateKeyReference, String name) {
        return new Identifier(identifierLongForm, alias, alias + '_' + signatureKeyReference, "", alias + '_' + recoveryKeyReference, alias + '_' + updateKeyReference, name);
    }

    public final Result<Identifier> create(String methodName) {
        Intrinsics.checkParameterIsNotNull(methodName, "methodName");
        String str = "sign_" + methodName;
        String str2 = "recover_" + methodName;
        String str3 = "update_" + methodName;
        try {
            String encode = Base64Url.INSTANCE.encode(Random.INSTANCE.nextBytes(2));
            return new Result.Success(transformIdentifierDocumentToIdentifier(computeLongFormIdentifier(this.payloadProcessor, this.payloadProcessor.generateCreatePayload(this.cryptoOperations.generateKeyPair(encode + '_' + str, KeyType.EllipticCurve), this.cryptoOperations.generateKeyPair(encode + '_' + str2, KeyType.EllipticCurve), this.cryptoOperations.generateKeyPair(encode + '_' + str3, KeyType.EllipticCurve))), encode, str, str2, str3, Constants.MASTER_IDENTIFIER_NAME));
        } catch (Exception e) {
            return new Result.Failure(new IdentifierCreatorException("Unable to create an identifier", e));
        }
    }

    public final Result<Identifier> createPairwiseId(String personaId, String peerId) {
        Map mapOf;
        Intrinsics.checkParameterIsNotNull(personaId, "personaId");
        Intrinsics.checkParameterIsNotNull(peerId, "peerId");
        String encode = Base64Url.INSTANCE.encode(Random.INSTANCE.nextBytes(6));
        String str = "sign_" + encode;
        String str2 = "recover_" + encode;
        String str3 = "update_" + encode;
        try {
            String encode2 = Base64Url.INSTANCE.encode(Random.INSTANCE.nextBytes(2));
            String value = W3cCryptoApiConstants.Secp256k1.getValue();
            mapOf = MapsKt__MapsJVMKt.mapOf(TuplesKt.to("hash", Sha.SHA256.getAlgorithm()));
            EcKeyGenParams ecKeyGenParams = new EcKeyGenParams(value, mapOf);
            return new Result.Success(transformIdentifierDocumentToIdentifier(computeLongFormIdentifier(this.payloadProcessor, this.payloadProcessor.generateCreatePayload(generateAndSaveKey(ecKeyGenParams, peerId, encode2 + '_' + (str + "_1"), encode2 + '_' + str, personaId, KeyUse.Signature.getValue()), generateAndSaveKey(ecKeyGenParams, peerId, encode2 + '_' + (str2 + "_1"), encode2 + '_' + str2, personaId, ""), generateAndSaveKey(ecKeyGenParams, peerId, encode2 + '_' + (str3 + "_1"), encode2 + '_' + str3, personaId, ""))), encode2, str, str2, str3, pairwiseIdentifierName(peerId)));
        } catch (Exception e) {
            return new Result.Failure(new IdentifierCreatorException("Unable to create an identifier", e));
        }
    }
}
